<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  
  <title>Introduction to iOS Packet Capture Tools | 素墨文胤</title>
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
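  <meta name="description" content="iOS packet capture tools include Charles, HTTPScoop, Wireshark, RVI+tcpdump+tcprewrite, and others: 1. Charles. Charles website http://www.charlesproxy.com/ A router connecting the Mac and the iOS device is required; the iOS device sends its requests through a proxy to the Mac. a. Capturing HTTP 1. Open Charles 2. Look up the Mac's IP address, e.g. 192.168.1.7 3. Open iOS">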
<meta property="og:type" content="article">
<meta property="og:title" content="Introduction to iOS Packet Capture Tools">
<meta property="og:url" content="http://godera.org/2016/01/11/iOS抓包工具介绍/index.html">
<meta property="og:site_name" content="素墨文胤">
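<meta property="og:description" content="iOS packet capture tools include Charles, HTTPScoop, Wireshark, RVI+tcpdump+tcprewrite, and others: 1. Charles. Charles website http://www.charlesproxy.com/ A router connecting the Mac and the iOS device is required; the iOS device sends its requests through a proxy to the Mac. a. Capturing HTTP 1. Open Charles 2. Look up the Mac's IP address, e.g. 192.168.1.7 3. Open iOS">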
<meta property="og:updated_time" content="2016-01-11T08:56:48.000Z">
<meta name="twitter:card" content="summary">
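<meta name="twitter:title" content="Introduction to iOS Packet Capture Tools">
<meta name="twitter:description" content="iOS packet capture tools include Charles, HTTPScoop, Wireshark, RVI+tcpdump+tcprewrite, and others: 1. Charles. Charles website http://www.charlesproxy.com/ A router connecting the Mac and the iOS device is required; the iOS device sends its requests through a proxy to the Mac. a. Capturing HTTP 1. Open Charles 2. Look up the Mac's IP address, e.g. 192.168.1.7 3. Open iOS">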
  
  
    <link rel="icon" href="/favicon.png">
  

  <link rel="stylesheet" href="/css/style.css">
  
    <link rel="stylesheet" href="/fancybox/jquery.fancybox.css">
  
  
    <link rel="stylesheet" href="/scrollLoading/style.css">
  
  


  

  
    <link href='//fonts.useso.com/css?family=Titillium+Web:300,400,600' rel='stylesheet' type='text/css'>
    <link href="//fonts.useso.com/css?family=Source+Code+Pro" rel="stylesheet" type="text/css">
  
  <link rel="stylesheet" href="/font-awesome/css/font-awesome.min.css">
</head>

<body>
  <div id="wrap">
    <header id="header">
  <div id="header-outer" class="outer">
    <div class="container">
      <div class="container-inner">
        <div id="header-title">
          <h1 class="logo-wrap">
            <a href="/" class="logo"></a>
          </h1>
          
            <h2 class="subtitle-wrap">
              <p class="subtitle">A day of inner calm is a day as an immortal; do not disturb the human world with divine power.</p>
            </h2>
          
        </div>
        <div id="header-inner" class="nav-container">
          <a id="main-nav-toggle" class="nav-icon fa fa-bars"></a>
          <div class="nav-container-inner">
            <ul id="main-nav">
              
                <li class="main-nav-list-item" ><a class="main-nav-list-link" href="/">Home</a></li>
              
                  
                <li class="main-nav-list-item" ><a class="main-nav-list-link" href="/about/index.html">About</a></li>
              
            </ul>
            <nav id="sub-nav">
              <div id="search-form-wrap">
                
                  <form action="//google.com/search" method="get" accept-charset="UTF-8" class="search-form"><input type="search" name="q" results="0" class="search-form-input" placeholder="Search"><input type="hidden" name="sitesearch" value="http://godera.org"></form>
                
              </div>
            </nav>
          </div>
        </div>
      </div>
    </div>
  </div>
</header>
    <div class="container">
      <div class="main-body container-inner">
        <div class="main-body-inner">
          <section id="main">
            <div class="main-body-header">

              <h1 class="header"><a class="page-title-link" href="/categories/iOS/">iOS</a></h1>
            </div>
            <div class="main-body-content">
              
  <article id="post-iOS抓包工具介绍" class="article article-single article-type-post" itemscope itemprop="blogPost">
    <div class="article-inner">
      <!--  -->
      
        <header class="article-header">
          
  
    <h1 class="article-title" itemprop="name">
      Introduction to iOS Packet Capture Tools
    </h1>
  

        </header>
      
      <p class="article-byline">
        <a href="/2016/01/11/iOS抓包工具介绍/" class="article-date">
  <time datetime="2016-01-11T08:38:26.000Z" itemprop="datePublished">2016-01-11</time>
</a>
      </p>
      <div class="article-entry" itemprop="articleBody">
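        <h3 id="iOS抓包工具有_Charles、HTTPScoop、Wireshark、RVI+tcpdump+tcprewrite_等等：">iOS packet capture tools include Charles, HTTPScoop, Wireshark, RVI+tcpdump+tcprewrite, and others:</h3><h3 id="一、Charles">1. Charles</h3><p>Charles website: <a href="http://www.charlesproxy.com/" target="_blank" rel="external">http://www.charlesproxy.com/</a><br>A router connecting the Mac and the iOS device is required; the iOS device sends its requests through a proxy to the Mac.<br>a. Capturing HTTP<br>1. Open Charles.<br>2. Look up the Mac's IP address, e.g. 192.168.1.7.<br>3. On the iOS device, open Settings, go to the current WiFi connection, and configure the HTTP Proxy group: set Server to the IP obtained in the previous step, i.e. 192.168.1.7, and Port to 8888.<br>4. On the iOS device, open the app you want to capture and perform some network operations.<br>5. Charles pops up a confirmation dialog; click the Allow button.<br>b. Capturing HTTPS<br>1. On the iOS device, open <a href="http://www.charlesproxy.com/getssl" target="_blank" rel="external">http://www.charlesproxy.com/getssl</a> to install the Charles SSL certificate.<br>2. In the Charles toolbar, click the settings button and choose Proxy Settings…<br>3. Switch to the SSL tab and select Enable SSL Proxying. Do not close the dialog yet; there is one more step. This is where Charles differs from Fiddler: Fiddler can capture HTTPS traffic as soon as its certificate is installed, while Charles takes a little more work. In the Locations list on the same SSL tab you have to enter the domain and port you want to capture: click the Add button and, in the form that pops up, enter the domain as Host, e.g. api.instagram.com, and 443 as Port.<br>4. From here on it is the same as capturing HTTP.<br>Reference: <a href="http://www.99css.com/1272/" target="_blank" rel="external">http://www.99css.com/1272/</a></p>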
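<h3 id="二、HTTPScoop">2. HTTPScoop</h3><p>The Mac must be connected to the wide-area network on one side and share that connection to the iOS device through its wireless card on the other; the packets are then captured on the wireless card used for the network sharing.</p>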
<h3 id="三、Wireshark太强大以致用不了">3. Wireshark: too powerful to be usable</h3><h3 id="四、RVI+tcpdump+tcprewrite">4. RVI+tcpdump+tcprewrite</h3><p>Requirements: iOS 5.0 or later, and a Mac running Mac OS with Xcode installed.</p>
<p>Apple added RVI (Remote Virtual Interface) in iOS 5.0 and later. Enabling it is very simple: connect the iOS device to the Mac over USB, open Terminal, and enter</p>
<p>rvictl -s [Your Device’s UDID]<br>The terminal then displays</p>
<p>Starting device ******** [SUCCEEDED]</p>
<p>If this step produces an error, Xcode may not be installed or the UDID may have been entered incorrectly.</p>
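<p>Next, in the terminal, you can use</p>
<p>ifconfig -l<br>to list the interfaces currently present on the Mac, for example (this may differ between Macs):</p>
<p>lo0 gif0 en0 en1 fw0 rvi0<br>Here rvi0 is the Remote Virtual Interface, which means that an interface for the iOS device has been virtualized on your Mac. The next step is to capture the packets on this interface with tcpdump:</p>
<p>sudo tcpdump -i rvi0 -n -s 0 -w dump.pcap tcp<br>The important parameters above mean the following:</p>
<p>-i rvi0: capture on interface rvi0 (the remote virtual interface)<br>-s 0: capture each packet in full<br>-w dump.pcap: the name of the file to save to<br>tcp: capture only TCP packets<br>Once tcpdump is running, start using the app you want to capture on the iOS device. All packets generated in the meantime are saved to dump.pcap; to end the capture, simply terminate tcpdump.</p>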
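<p>Next, the captured data has to be processed. The dump.pcap file saved by tcpdump holds the raw data, which some common packet capture tools (such as Charles) cannot parse, so a conversion is needed.</p>
<p>Open a terminal. We need the tool tcprewrite; if it is not installed, it can be installed quickly with Homebrew:</p>
<p>brew install tcpreplay<br>tcprewrite is one of the tools in the tcpreplay suite. Once the installation has finished, enter</p>
<p>tcprewrite --dlt=enet --enet-dmac=00:11:22:33:44:55 --enet-smac=66:77:88:99:AA:BB --infile=dump.pcap --outfile=dumpFinal.pcap<br>If no error is reported, the conversion succeeded. You can then open dumpFinal.pcap in Charles to view the packets you just captured.</p>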
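<p>What the conversion step does to the file, as an added Python illustration (not code from the original post and not tcprewrite's implementation): it reads the link-layer type from the pcap header and, assuming the capture is raw IP (LINKTYPE_RAW, 101), prepends an Ethernet header built from the two MAC addresses to every packet. The function names and the sample capture are constructed for this example.</p>

```python
import struct

LINKTYPE_ETHERNET = 1   # Ethernet frames: the target of --dlt=enet
LINKTYPE_RAW = 101      # bare IP packets, no link-layer header (assumed input)
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond pcap
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}   # nanosecond pcap
ETHERTYPE = {4: 0x0800, 6: 0x86DD}   # keyed by the IP version nibble


def link_type(pcap: bytes) -> int:
    """Return the link-layer type stored in a classic pcap global header."""
    if len(pcap) < 24 or pcap[:4] not in MAGICS:
        raise ValueError("not a classic pcap file")
    return struct.unpack_from(MAGICS[pcap[:4]] + "I", pcap, 20)[0]


def raw_to_ethernet(pcap: bytes, dmac: str, smac: str) -> bytes:
    """Prepend a fixed Ethernet header to every packet of a raw-IP capture."""
    if link_type(pcap) != LINKTYPE_RAW:
        raise ValueError("input is not a raw-IP capture")
    end = MAGICS[pcap[:4]]
    macs = bytes.fromhex(dmac.replace(":", "")) + bytes.fromhex(smac.replace(":", ""))
    if len(macs) != 12:
        raise ValueError("MAC addresses must be 6 bytes each")
    out = bytearray(pcap[:20]) + struct.pack(end + "I", LINKTYPE_ETHERNET)
    pos = 24
    while pos < len(pcap):
        if pos + 16 > len(pcap):
            raise ValueError("truncated record header")
        sec, frac, incl, orig = struct.unpack_from(end + "IIII", pcap, pos)
        data = pcap[pos + 16 : pos + 16 + incl]
        if len(data) != incl or incl == 0:
            raise ValueError("truncated or empty packet record")
        etype = ETHERTYPE.get(data[0] >> 4)
        if etype is None:
            raise ValueError("packet is neither IPv4 nor IPv6")
        frame = macs + struct.pack(">H", etype) + data
        out += struct.pack(end + "IIII", sec, frac, incl + 14, orig + 14) + frame
        pos += 16 + incl
    return bytes(out)


def sample_raw_capture() -> bytes:
    """Constructed input: a little-endian raw-IP pcap with two packet stubs."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_RAW)
    v4 = bytes([0x45]) + bytes(19)   # 20-byte IPv4 header stub
    v6 = bytes([0x60]) + bytes(39)   # 40-byte IPv6 header stub
    recs = b"".join(struct.pack("<IIII", 1, 0, len(p), len(p)) + p for p in (v4, v6))
    return hdr + recs


if __name__ == "__main__":
    fixed = raw_to_ethernet(sample_raw_capture(), "00:11:22:33:44:55", "66:77:88:99:AA:BB")
    print(link_type(fixed), len(fixed))
```

<p>Running <code>link_type</code> on dump.pcap and dumpFinal.pcap shows whether the link-layer type actually changed to Ethernet.</p>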

      </div>
      <footer class="article-footer">
        
        
  <ul class="article-tag-list"><li class="article-tag-list-item"><a class="article-tag-list-link" href="/tags/iOS/">iOS</a></li></ul>

      </footer>
    </div>
  </article>
  
  



            </div>
          </section>
        </div>
      </div>
    </div>
    <footer id="footer">
  
  <div class="container">
    <div class="container-inner">
      <a id="back-to-top" href="javascript:;"><i class="icon fa fa-angle-up"></i></a>
      <div class="credit">
        <h1 class="logo-wrap">
          <a href="/" class="logo"></a>
        </h1>
        <p>&copy; 2016 梁逊</p>
        <p>Powered by <a href="//hexo.io/" target="_blank">Hexo</a>. Theme by <a href="//github.com/ppoffice" target="_blank">PPOffice</a></p>
      </div>
    </div>
  </div>
</footer>
    


  <script src="http://code.jquery.com/jquery-2.1.3.min.js"></script>



  <script src="/fancybox/jquery.fancybox.pack.js"></script>



  <script src="/scrollLoading/jquery.scrollLoading.js"></script>
  <script src="/scrollLoading/main.js"></script>




<script src="/js/html-patch.js"></script>
<script src="/js/script.js"></script>

  </div>
</body>
</html>
